CVE-2008-6085
7.6
Vector
AV:N/AC:H/Au:N/C:C/I:C/A:C
Exploitability: 4.9 / Impact: 10.0
Source: NVD
Description
Integer overflow in multiple F-Secure anti-virus products, including Internet Security 2006 through 2008, Anti-Virus 2006 through 2008, and others, when configured to scan inside compressed archives, allows remote attackers to execute arbitrary code via a crafted RPM compressed archive file, which triggers a buffer overflow.
Affected (41)
Products: F Secure: F Secure Anti Virus, F Secure Anti Virus For Citrix Servers, F Secure Anti Virus For Microsoft Exchange, F Secure Anti Virus For Mimesweeper, F Secure Anti Virus For Windows Servers, F Secure Anti Virus For Workstations, F Secure Anti Virus Linux Client Security, F Secure Anti Virus Linux Server Security, F Secure Client Security, F Secure Home Server Security, F Secure Internet Gatekeeper For Linux, F Secure Internet Gatekeeper For Windows, F Secure Internet Security, F Secure Linux Security, F Secure Messaging Security Gateway, F Secure Protection Service For Business, F Secure Protection Service For Consumers
Configuration A
| Vulnerable Software | Affected Versions |
|---|---|
| Version 2006 | |
| Up to 7.00 | |
| Up to 7.10 | |
| Up to 5.61 | |
| Up to 8.00 | |
| Version 7.10 | |
| Up to 5.54 | |
| Up to 5.54 | |
| Up to 7.12 | |
| Version 2009 | |
| Up to 2.16 | |
| Up to 6.61 | |
| Version 2006 | |
| Up to 7.01 | |
| Up to 5.0.4 | |
| Up to 3.10 | |
| Up to 8.00 |
Related CWEs
References (12)
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: cve@mitre.org
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Timeline
No history available yet.